KBouncer takes out BlueHat prize

Powered by SC Magazine
 

PhD grad wins Microsoft defensive tech competition.

Vasilis Pappas has been named as the first winner of Microsoft's BlueHat prize, awarded for the development of a new, innovative computer security defence technology.

Pappas won with his ‘kBouncer', an exploit mitigation technology that detects abnormal control transfers using the last branch recording feature of Intel processors to mitigate return-oriented programming (ROP).

ROP is an advanced technique that attackers use to combine short pieces of benign code, already present in a system, for a malicious purpose. Microsoft said that as it uses supported hardware features, kBouncer can be implemented with lower cost to performance and development time.

This technique was defended against in the winning and two runners-up technologies. The first runner-up was Ivan Fratric, who created ROPGuard, and the surprise second was Jared DeMott for /ROP.

Mike Reavey, senior director of the Microsoft security response center, said: “A year ago we posed a challenge to the researcher community and asked them to shift their focus from solely identifying and reporting individual vulnerabilities to investing in new lines of defensive research that could mitigate entire classes of attacks.

“It's with great pleasure that we congratulate the winner of our inaugural BlueHat prize contest for his submission of a novel defensive technology that advances the challenging issue of exploit mitigation of some of the most popular attack techniques we're seeing today.”

Matt Thomlinson, general manager of the Microsoft Trustworthy Computing group, said that it has integrated some of the finalists' technologies into its Enhanced Mitigation Experience Toolkit (EMET) 3.5 technology preview.

Dave Forstrom, Microsoft Trustworthy Computing director, said: “It's great to see an initiative to collaborate and share innovations [from] a year ago evolve into prototypes with one now available this quickly as a new freely available computer security tool. Even in an enterprise that is fully updated against known vulnerabilities, EMET provides defences that protect assets from the yet unknown threats. EMET can easily be used on home machines to protect against known, and unknown, vulnerabilities.”

Pappas is currently a PhD student at Columbia University in New York, and collected a $200,000 prize. Fratric was awarded $50,000 for his submission, while DeMott won $10,000 for his entry.

The BlueHat contest was announced at the 2011 Black Hat conference in Las Vegas and was designed to challenge the security community to look beyond the norm of problems such as vulnerabilities and instead focus on developing innovative solutions to pressing security challenges.

A panel of Microsoft security engineers judged the submissions based on: practicality and functionality; robustness; and impact. However security firm Subreption criticised the contest, saying that entrants would be selling themselves short, as Microsoft would own the intellectual property of the entry.

This article originally appeared at scmagazineuk.com

Copyright © SC Magazine, UK edition


KBouncer takes out BlueHat prize
 
 
 
Top Stories
Meet FABACUS, Westpac's first computer
GE225 operators celebrate gold anniversary.
 
NSW Govt gets ready to throw out the floppy disks
[Opinion] Dominic Perrottet says its time for government to catch up.
 
iiNet facing new copyright battle with Hollywood
Fighting to protect customer details.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest articles on BIT Latest Articles from BIT
Do you direct debit customers? Read this
Oct 10, 2014
Authorities have been targeting direct debit practices with iiNet and Dodo receiving formal ...
Optus expands 4G coverage
Oct 10, 2014
If you rely on an Optus phone for work you might be interested to know that there are now 200 ...
Microsoft Office is now free for some charities
Oct 10, 2014
Microsoft has announced that eligible Australian non-profit organisations and charities can now ...
Vodafone lights up 4G in Adelaide
Oct 9, 2014
Live and work in Adelaide? Vodafone has switched on its 4G network in the city and suburbs.
Next year tradies will be able to take payments using ingogo
Oct 3, 2014
Ingogo is going to provide a card payment service for Xero users.
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  26%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  22%
 
End user computing (desktops, mobiles, apps)
  15%
 
Software development
  25%
TOTAL VOTES: 346

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  58%
 
No
  42%
TOTAL VOTES: 144

Vote